Should you have any questions which are not being addressed on this page, please do not hesitate to contact us.
Who is responsible for Validation?
What is an IQ?
What does an IQ contain?
What is an OQ?
What does an OQ contain?
What is a PQ?
Why produce a PQ?
What does a PQ contain?
What is a SOP?
Why produce a SOP?
What is an URS?
Why produce a URS?
What does a URS contain?
What is an FAT?
Why produce a FAT?
What does a FAT contain?
What do we need to satisfy 21 CFR Part 11?
What is GAMP4?
As an equipment supplier what Quality Planning do we need?
What industries does Tanis Technical serve?
Why should I choose Tanis Technical as our validation provider?
What is the definition of hybrid system? Could you give an example of one?
If using a 'hybrid system' approach to e-signatures, how do you link the handwritten signature to the e-record?
What are some examples of audio data that may be captured in the Pharmaceutical Industry? Specific Examples?
I keep electronic records but have signatures on paper (hybrid systems). Is there a deadline for converting to electronic signatures?
When does an audit trail begin?
Should execution of a signature be audit trailed?
Are e-mails controlled documents?
Can a single restricted login suffice as an electronic signature?
When are e-signatures required?
Should a company individually certify that every associate's electronic signature is legally binding?
FDA has issued a new guideline on data and time. It is not mandatory that it is local?
Does outsourcing of a computer make a system an open system? Additionally would the external access of an external vendor for maintenance work (e.g. using a modem) to a computer system make that an open system?
What do you mean by linking e-records to e-signatures?
Can you share a sample FDA Warning Letter, or is that proprietary information?
What is 'grand fathering'?
What is GxP?
What is a 'Predicate Rule'?
Are HIPPA regulations considered a predicate rule with regard to medical records maintained electronically?
How can you make sure that e-records are still readable throughout the retention period (with focus on the formats)? Currently mostly proprietary formats are in use (e.g. in the lab area) and the possibility to read these formats in a few years is difficult (especially if the vendor is changed). Printing or converting into PDF or similar is only a partly solution. 'What would/could be a long-term solution here?
What is 'metadata'?
If you use Electronic Signatures, do you have to comply with Electronic Record Requirements?
Do you have a format or example for the certification for e-signatures that a company can send to the FDA?
Which kind of media (CD Roms, WORMs, etc.) can be considered "21CFRPart11 compliant" from point of view of good retention period?
How do you recommend handling CROs and vendors in a timely basis?
What must a vendor do to claim that their hardware and software are 'compliant' with 21 CFR Part 11?
Does Part 11 apply to instruments themselves that are not connected to computers but that have microprocessors within?
Are electronic signatures always required on the creation of electronic records?
Is a 'Gap Analysis' a necessary step to become 21 CFR Part11 compliant?
If a GLP computer is in a lab with physical access control to the doors to the lab, but the application software on that lab computer has no logical access control, does this system comply with Part 11?
What are the expected means for reporting attempts at forging electronic signatures?
What is an appropriate audit trail for an Excel Spreadsheet? Some indicate you should track every single cell change and others say it should be tracked the same way a document management system would do it (track final versions only, intermediate drafts don't count only after all changes have been made and approved)?
Please further elaborate/define "Hashing"
In Part 11.300, controls for identification codes/passwords usage is listed under Subpart C -- Electronic Signatures. Are these requirements only applicable if your system is utilizing e-signatures? It seems that these should be applicable to any system with e-records.
Given the fact that most of the systems needing to be complaint are usually found not to be compliant and are usually replaced, does it make sense to do a gap analysis or go directly to remediation?
Is an audit of a vendor enough to ensure that the technical controls (in their product) are all present and compliant?
Could you define and provide examples of systems that are critical to "data integrity"?
Technical solutions may take sometime to implement, what is FDA position on timelines?
What type of 'reporting' capability on audit trail data should be supported?
For clinical data management systems, where does the audit trail begin.... after first entry or after the data has been verified and uploaded to the data management system?
How does the digital signature verify that the document hasn't been altered after signing?
For an HPLC system, are the parameters entered for a chromatographic run considered an electronic record?
